supabase
/
auth
/
22171380148
69%
|
Ran
|
Jobs
1
|
Files
172
|
Run time
1min
|
Badge
Embed ▾
README BADGES
|
coverage: 69.141%. Remained the same
push
github
web-flowfix: correctly parse JWT ValidMethods from env by enabling split_words (#2334) ## What kind of change does this PR introduce? Bug fix ## What is the current behavior? JWT ValidMethods not parsed from env because split_words was missing on the struct tag, causing envconfig to look for `GOTRUE_JWT_VALIDMETHODS` instead of `GOTRUE_JWT_VALID_METHODS`. Since v2.71.1, cli defaults to asymmetric keys, which caused valid HS256 tokens to be rejected. ## What is the new behavior? This change adds `split_words` to ensure the correct env var is used. I assume that `GOTRUE_JWT_VALID_METHODS` is the correct env var but if it isn't, then this issue can also be solved by updating the env var passed to auth service in [supabase cli](https://github.com/supabase/cli/blob/5122df4f6/internal/start/start.go#L629) to ``` env = append(env, "GOTRUE_JWT_VALIDMETHODS=HS256,RS256,ES256") ``` ## Additional context The following screenshots are from print statements I added 1. config.JWT.ValidMethods was nil because it was looking for wrong env var. It defaulted to jwk key algorithm (ES256). https://github.com/supabase/auth/blob/645654df6/internal/conf/configuration.go#L1092-L1097 <img width="1289" height="61" alt="Screenshot 2026-01-17 041756" src="https://github.com/user-attachments/assets/00d0e883-cec8-472a-946b-0ac65b6c140d" /> <img width="622" height="122" alt="Screenshot 2026-01-17 042002" src="https://github.com/user-attachments/assets/844bcb38-cd45-4e11-992a-e230ade6cb1e" /> 2. After <img width="977" height="82" alt="image" src="https://github.com/user-attachments/assets/55271d4a-16cf-4ec7-923e-f581d0f5c15d" />
15023 of 21728 relevant lines covered (69.14%)
80.76 hits per line
Jobs
| ID | Job ID | Ran | Files | Coverage | |
|---|---|---|---|---|---|
| 1 | 22171380148.1 | 172 |
69.14 |
GitHub Action Run |
